CVE-2023-1055: Infoleak
First published: Mon Feb 27 2023(Updated: )
A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes and display the hashed passwords. The highest threat from this vulnerability is to data confidentiality.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redhat Directory Server | =11.5 | |
| Redhat Directory Server | =11.6 | |
| Redhat Directory Server | =12.0 | |
| Redhat Directory Server | =12.1 | |
| Fedoraproject Fedora | =36 | |
| Fedoraproject Fedora | =37 | |
| Fedoraproject Fedora | =38 | |
| redhat/389-ds-base 2.3.5 | <1. | 1. |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/
- https://github.com/389ds/389-ds-base/blob/c69f2691bb9c3933c1ff3f81139011fc7d66b0aa/src/cockpit/389-console/src/lib/ldap_editor/lib/utils.jsx#L989-L997
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2173675
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2173676
- https://access.redhat.com/errata/RHSA-2023:3489
- https://access.redhat.com/errata/RHSA-2023:4655
- https://bugzilla.redhat.com/show_bug.cgi?id=2173517
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/
Frequently Asked Questions
What is CVE-2023-1055?
CVE-2023-1055 is a vulnerability found in RHDS 11 and RHDS 12 that could allow sensitive information to be leaked.
How does CVE-2023-1055 affect the affected software?
CVE-2023-1055 affects RHDS 11.5, 11.6, 12.0, 12.1, Fedora 36, 37, and 38.
What is the severity of CVE-2023-1055?
CVE-2023-1055 has a severity of medium (CVSS score of 5.5).
How can an attacker exploit CVE-2023-1055?
An attacker with a local account where the cockpit-389-ds is running can list the processes and potentially access sensitive information.
Is there a fix available for CVE-2023-1055?
Yes, fixed versions of the affected software are available. Please refer to the references for more information.
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/type
- agent/first-publish-date
- agent/references
- agent/weakness
- agent/description
- agent/softwarecombine
- agent/severity
- agent/tags
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-1055
- agent/software-canonical-lookup
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/redhat
- canonical/redhat directory server
- version/redhat directory server/11.5
- version/redhat directory server/11.6
- version/redhat directory server/12.0
- version/redhat directory server/12.1
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/36
- version/fedoraproject fedora/37
- version/fedoraproject fedora/38
- package-manager/redhat